Cyber-Security Management of ATM Services: are we ready for the future?

Air traffic management is undergoing fundamental cross-border transformation, requiring increased collaboration and service-oriented interaction between its stakeholders. In addition to the anticipated benefits, new ways of working introduce cyber-security risks that need to be well managed. However, it remains to be seen whether risk management frameworks developed for other domains can maintain the cyber-security of future air traffic management services. Mariken Everdij, Bart Gijsen, Andre Smulders, Theo Verhoogt, and René Wiegers investigate state-of-the-art cyber-security practices for air traffic management services, and explore options for the future.

Air Traffic Management (ATM) is currently undergoing a fundamental transformation, implemented by programmes such as Single European Sky ATM Research (SESAR) in Europe and the Next Generation Air Transportation programme (NextGen) in the U.S.A. The transformation is driven by the need to improve the performance of ATM in terms of safety, capacity, environment and economy, leading to the requirement for new developments in operational concepts and deployment of technological enablers. In the context of the Single European Sky (SES) ambition, this transformation takes form in increased collaboration, and a more open and service-oriented interaction between ATM stakeholders.

As part of this transformation, the ATM Information and Communication Technology (ICT) landscape is also gradually changing in terms of the ICT infrastructure, as well as the way ICT-based ATM functions are developed and controlled. In order to accommodate next generation ATM functions, service-oriented architectures are being explored. Within SESAR, a system-wide information management (SWIM) environment is being developed to facilitate the sharing of essential information between all ATM stakeholders. SWIM will introduce new communication methods and technologies, including commercial internet-based solutions.

This development shows that while the SES evolution brings a wide range of business and societal opportunities within reach, the new way of working also introduces cyber-security risks. The openness between collaborating stakeholders is a vulnerability in itself, and a service-oriented way of working increases interdependencies. The ATM sector faces the challenge of successfully achieving the benefits of the SES evolution, while safeguarding the cyber-resilience of the pan-European ATM systems.

Cyber-security requires a structured approach in the form of a management system consisting of a combination of organisational, procedural and technological elements. However, it remains an open question whether cyber-security of future ATM services can be achieved and managed by applying traditional cyber-security and risk management frameworks, which are not specific for ATM. This article presents a view on cyber-security frameworks that are fit for a future with collaborating, interdependent ATM stakeholders. It identifies state-of-the-art and current cyber-security practices for ATM, and illustrates directions for cyber-security methodologies for the future service-oriented SES.

State-of-the-Art Cyber-Security Methods

One of the challenges in addressing ATM cyber-security is to identify relevant and applicable cyber-security methods (including techniques, processes, and approaches). Therefore, a literature search was performed, aiming to collect methods that can be used in support of cyber-security management and risk assessment in ATM.

The literature search was conducted in the public domain, complemented by a search in the SESAR domain and by background knowledge of the research team. Methods found were organised in a list, and details were collected including a brief description of, and references to, source material used.
Some methods were referred to under different names or had become obsolete. Therefore, the list was reduced to 82 distinct and relevant methods. The resulting list was used as a starting point for further study and analysis. It should be highlighted that the result is not exhaustive and that many other methods may be available to support cyber-security analysis.